URL: https://www.bookingconfirmation.odishait.com/
Submission: On December 05 via automatic, source certstream-suspicious — Scanned from CA

Summary

This website contacted 9 IPs in 2 countries across 5 domains to perform 37 HTTP transactions. The main IP is 51.222.41.207, located in Beauharnois, Canada and belongs to OVH, FR. The main domain is www.bookingconfirmation.odishait.com.
TLS certificate: Issued by bookingconfirmation.odishait.com on December 4th 2021. Valid for: a year.
This is the only time www.bookingconfirmation.odishait.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
15 www.gstatic.com docs.google.com
www.gstatic.com
www.google.com
8 fonts.gstatic.com fonts.googleapis.com
6 www.google.com docs.google.com
www.gstatic.com
3 fonts.googleapis.com docs.google.com
3 docs.google.com 1 redirects www.bookingconfirmation.odishait.com
www.gstatic.com
1 ssl.gstatic.com www.gstatic.com
1 lh6.googleusercontent.com docs.google.com
1 www.bookingconfirmation.odishait.com
37 8

This site contains no links.

Subject Issuer Validity Valid
bookingconfirmation.odishait.com
bookingconfirmation.odishait.com
2021-12-04 -
2022-12-04
a year crt.sh
*.google.com
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
www.google.com
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh
*.googleusercontent.com
GTS CA 1C3
2021-11-01 -
2022-01-24
3 months crt.sh

This page contains 4 frames:

Primary Page: https://www.bookingconfirmation.odishait.com/
Frame ID: 2C377890522980B996D24CA4DC5CACD6
Requests: 1 HTTP requests in this frame

Frame: https://docs.google.com/forms/d/1CTm8EnbwL9xMHvOdSHvCgZwIgNLsjiW9JdRllc0XxRA/viewform?edit_requested=true
Frame ID: AB5F71BFCF2A3F0CCDE4177A4C39C448
Requests: 22 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcJMyUUAAAAABOakew3hdiQ0dU8a21s-POW69KQ&co=aHR0cHM6Ly9kb2NzLmdvb2dsZS5jb206NDQz&hl=en&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&badge=inline&cb=u7smzjz7nkd9
Frame ID: EA85D1A2E12B40EF1FAAC186EE288557
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=_7Co1fh8iT2hcjvquYJ_3zSP&k=6LcJMyUUAAAAABOakew3hdiQ0dU8a21s-POW69KQ
Frame ID: 9C081E72BFEC18DCB89EAF9AD2F3EB12
Requests: 11 HTTP requests in this frame

Screenshot

Page Title

Booking Confirmation Customer:

Page Statistics

37
Requests

97 %
HTTPS

88 %
IPv6

5
Domains

8
Subdomains

9
IPs

2
Countries

1098 kB
Transfer

3034 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://docs.google.com/forms/d/1CTm8EnbwL9xMHvOdSHvCgZwIgNLsjiW9JdRllc0XxRA/edit HTTP 302
  • https://docs.google.com/forms/d/1CTm8EnbwL9xMHvOdSHvCgZwIgNLsjiW9JdRllc0XxRA/viewform?edit_requested=true

37 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.bookingconfirmation.odishait.com/
225 B
348 B
Document
General
Full URL
https://www.bookingconfirmation.odishait.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
51.222.41.207 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
server50.dnssecureserver.com
Software
LiteSpeed /
Resource Hash
1beefd626d506b3deca8dbffbbe90eb9b251641a324e82a26493934ee8100af5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

vary
Accept-Encoding
content-type
text/html; charset=UTF-8
content-length
204
content-encoding
gzip
date
Sun, 05 Dec 2021 15:21:00 GMT
server
LiteSpeed
alt-svc
quic=":443"; ma=2592000; v="35,39,43,44"
viewform
docs.google.com/forms/d/1CTm8EnbwL9xMHvOdSHvCgZwIgNLsjiW9JdRllc0XxRA/ Frame AB5F
Redirect Chain
  • https://docs.google.com/forms/d/1CTm8EnbwL9xMHvOdSHvCgZwIgNLsjiW9JdRllc0XxRA/edit
  • https://docs.google.com/forms/d/1CTm8EnbwL9xMHvOdSHvCgZwIgNLsjiW9JdRllc0XxRA/viewform?edit_requested=true
181 KB
35 KB
Document
General
Full URL
https://docs.google.com/forms/d/1CTm8EnbwL9xMHvOdSHvCgZwIgNLsjiW9JdRllc0XxRA/viewform?edit_requested=true
Requested by
Host: www.bookingconfirmation.odishait.com
URL: https://www.bookingconfirmation.odishait.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
87353bb8a4cb3b662048a67a778a8f5186bed7a38725bf561f4b567858fc916b
Security Headers
Name Value
Content-Security-Policy base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/forms/prod;script-src 'report-sample' 'nonce-3LhIra0eQ3sfUT1DxK5Hug' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://www.bookingconfirmation.odishait.com/

Response headers

content-type
text/html; charset=utf-8
x-robots-tag
noindex, nofollow, nosnippet
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 05 Dec 2021 15:21:01 GMT
content-encoding
gzip
content-security-policy
base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/forms/prod;script-src 'report-sample' 'nonce-3LhIra0eQ3sfUT1DxK5Hug' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'
referrer-policy
strict-origin-when-cross-origin
x-content-type-options
nosniff
x-xss-protection
1; mode=block
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 05 Dec 2021 15:21:01 GMT
location
https://docs.google.com/forms/d/1CTm8EnbwL9xMHvOdSHvCgZwIgNLsjiW9JdRllc0XxRA/viewform?edit_requested=true
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy
base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/forms/prod;script-src 'report-sample' 'nonce-cYO2klqL9hbDAt1IsuMrhg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
content-length
240
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
icon
fonts.googleapis.com/ Frame AB5F
616 B
892 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons+Extended
Requested by
Host: docs.google.com
URL: https://docs.google.com/forms/d/1CTm8EnbwL9xMHvOdSHvCgZwIgNLsjiW9JdRllc0XxRA/viewform?edit_requested=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
07e86a231990ac1bf28b15c371252cc2ec302d247289b488a8968956053323e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 05 Dec 2021 15:21:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 05 Dec 2021 15:21:01 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 05 Dec 2021 15:21:01 GMT
rs=AMjVe6gCI6nkwQqKOsE5OVXXjIWYBp-ATQ
www.gstatic.com/_/freebird/_/ss/k=freebird.v.-44jiczr9udo2.L.W.O/d=1/ Frame AB5F
406 KB
50 KB
Stylesheet
General
Full URL
https://www.gstatic.com/_/freebird/_/ss/k=freebird.v.-44jiczr9udo2.L.W.O/d=1/rs=AMjVe6gCI6nkwQqKOsE5OVXXjIWYBp-ATQ
Requested by
Host: docs.google.com
URL: https://docs.google.com/forms/d/1CTm8EnbwL9xMHvOdSHvCgZwIgNLsjiW9JdRllc0XxRA/viewform?edit_requested=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cfc02c425a36eab2ab7e2616df1fea9207cb37087e55b0cc9db861fc1bd414
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 18:44:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74190
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-forms
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50931
x-xss-protection
0
last-modified
Thu, 11 Nov 2021 19:30:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-forms"
vary
Accept-Encoding, Origin
report-to
{"group":"apps-forms","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-forms"}]}
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 04 Dec 2022 18:44:31 GMT
css
fonts.googleapis.com/ Frame AB5F
13 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google+Sans_old:400,500|Roboto:300,400,400i,500,700&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext
Requested by
Host: docs.google.com
URL: https://docs.google.com/forms/d/1CTm8EnbwL9xMHvOdSHvCgZwIgNLsjiW9JdRllc0XxRA/viewform?edit_requested=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
87172bbb7a6dbab90eed6980f0227fce45be31f77c889a7792ce1b44b8744dbd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 05 Dec 2021 13:40:07 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 05 Dec 2021 15:21:01 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 05 Dec 2021 15:21:01 GMT
css
fonts.googleapis.com/ Frame AB5F
1 KB
530 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Product+Sans&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext
Requested by
Host: docs.google.com
URL: https://docs.google.com/forms/d/1CTm8EnbwL9xMHvOdSHvCgZwIgNLsjiW9JdRllc0XxRA/viewform?edit_requested=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8815526f7d2667c75297c2094dace87a1aeb879f5f79e17195cd077a783b03c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 05 Dec 2021 13:41:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 05 Dec 2021 15:21:01 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 05 Dec 2021 15:21:01 GMT
api.js
www.google.com/recaptcha/ Frame AB5F
1000 B
1 KB
Script
General
Full URL
https://www.google.com/recaptcha/api.js?trustedtypes=true
Requested by
Host: docs.google.com
URL: https://docs.google.com/forms/d/1CTm8EnbwL9xMHvOdSHvCgZwIgNLsjiW9JdRllc0XxRA/viewform?edit_requested=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
7dba69037b140510c6cea5d1fa437c2a9f4028ada075f240aacc69b47aaf4769
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 15:21:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
638
x-xss-protection
1; mode=block
expires
Sun, 05 Dec 2021 15:21:01 GMT
googlelogo_dark_clr_74x24px.svg
www.gstatic.com/images/branding/googlelogo/svg/ Frame AB5F
1 KB
714 B
Image
General
Full URL
https://www.gstatic.com/images/branding/googlelogo/svg/googlelogo_dark_clr_74x24px.svg
Requested by
Host: docs.google.com
URL: https://docs.google.com/forms/d/1CTm8EnbwL9xMHvOdSHvCgZwIgNLsjiW9JdRllc0XxRA/viewform?edit_requested=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4af84efe90891185d9b29a841181ca9d26d7560864ea47b6cd709d3b964aee3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 19:49:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
156662
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
689
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/svg+xml
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 03 Dec 2022 19:49:59 GMT
m=viewer_base
www.gstatic.com/_/freebird/_/js/k=freebird.v.en_CA.Sksy72FxlBY.O/d=1/rs=AMjVe6jjDwjjs6I1ENu6YLgltdQezd7Y6g/ Frame AB5F
331 KB
108 KB
Script
General
Full URL
https://www.gstatic.com/_/freebird/_/js/k=freebird.v.en_CA.Sksy72FxlBY.O/d=1/rs=AMjVe6jjDwjjs6I1ENu6YLgltdQezd7Y6g/m=viewer_base
Requested by
Host: docs.google.com
URL: https://docs.google.com/forms/d/1CTm8EnbwL9xMHvOdSHvCgZwIgNLsjiW9JdRllc0XxRA/viewform?edit_requested=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47f9019272bdb86802d35d3591b0c7eef76a0c73935c836e47006bea87156bc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 18:51:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
505766
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-forms
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110658
x-xss-protection
0
last-modified
Thu, 11 Nov 2021 19:30:58 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"apps-forms","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-forms"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-forms"
expires
Tue, 29 Nov 2022 18:51:35 GMT
O8iUnuYwQhfDDBwpNFCGVnFFpefrccSNQr1SxrbKaJNMf4VDt5qkkh-koQeXHBkrbZG-4_isjYpBgw9AMOibM0OKnK5yEFiWiuQhNAsRKngt6LQjkGwhztXyfeLFvwjvlw=w828
lh6.googleusercontent.com/ Frame AB5F
22 KB
22 KB
Image
General
Full URL
https://lh6.googleusercontent.com/O8iUnuYwQhfDDBwpNFCGVnFFpefrccSNQr1SxrbKaJNMf4VDt5qkkh-koQeXHBkrbZG-4_isjYpBgw9AMOibM0OKnK5yEFiWiuQhNAsRKngt6LQjkGwhztXyfeLFvwjvlw=w828
Requested by
Host: docs.google.com
URL: https://docs.google.com/forms/d/1CTm8EnbwL9xMHvOdSHvCgZwIgNLsjiW9JdRllc0XxRA/viewform?edit_requested=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
78688961c758469af458530c1875f56279c41e05b1fd8b306929aa8445f390dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 15:21:02 GMT
x-content-type-options
nosniff
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="AF1QipNwdJzD4ZI09HELpIFqaoB0P1u_o17qX6fq7Lsx=w828-h207.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22118
x-xss-protection
0
expires
Mon, 06 Dec 2021 15:21:02 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame AB5F
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans_old:400,500|Roboto:300,400,400i,500,700&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://docs.google.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 16:23:56 GMT
x-content-type-options
nosniff
age
428225
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 30 Nov 2022 16:23:56 GMT
truncated
/ Frame AB5F
266 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame AB5F
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/freebird/_/ss/k=freebird.v.-44jiczr9udo2.L.W.O/d=1/rs=AMjVe6gCI6nkwQqKOsE5OVXXjIWYBp-ATQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.gstatic.com/_/freebird/_/ss/k=freebird.v.-44jiczr9udo2.L.W.O/d=1/rs=AMjVe6gCI6nkwQqKOsE5OVXXjIWYBp-ATQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 01:31:11 GMT
x-content-type-options
nosniff
age
136190
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Sat, 11 Dec 2021 01:31:11 GMT
qp_sprite154.svg
ssl.gstatic.com/docs/forms/ Frame AB5F
115 KB
14 KB
Image
General
Full URL
https://ssl.gstatic.com/docs/forms/qp_sprite154.svg
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/freebird/_/ss/k=freebird.v.-44jiczr9udo2.L.W.O/d=1/rs=AMjVe6gCI6nkwQqKOsE5OVXXjIWYBp-ATQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f515960b6c24cee30cfcaec3652938ad3fd8f0b21b19a17515d3770e78af2c6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.gstatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 00:30:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
53459
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/docs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13435
x-xss-protection
0
last-modified
Fri, 15 Oct 2021 19:48:00 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"docs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/docs"}]}
content-type
image/svg+xml
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="docs"
expires
Mon, 05 Dec 2022 00:30:02 GMT
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame AB5F
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans_old:400,500|Roboto:300,400,400i,500,700&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://docs.google.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 16:04:28 GMT
x-content-type-options
nosniff
age
342993
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21716
x-xss-protection
0
last-modified
Wed, 11 Nov 2020 20:26:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 01 Dec 2022 16:04:28 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame AB5F
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans_old:400,500|Roboto:300,400,400i,500,700&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://docs.google.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 16:23:56 GMT
x-content-type-options
nosniff
age
428225
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21552
x-xss-protection
0
last-modified
Wed, 11 Nov 2020 20:26:16 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 30 Nov 2022 16:23:56 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame AB5F
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans_old:400,500|Roboto:300,400,400i,500,700&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://docs.google.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 01:28:42 GMT
x-content-type-options
nosniff
age
222739
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 03 Dec 2022 01:28:42 GMT
pxiDypQkot1TnFhsFMOfGShVF9eO.woff2
fonts.gstatic.com/s/productsans/v13/ Frame AB5F
34 KB
34 KB
Font
General
Full URL
https://fonts.gstatic.com/s/productsans/v13/pxiDypQkot1TnFhsFMOfGShVF9eO.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Product+Sans&subset=latin,vietnamese,latin-ext,cyrillic,greek,cyrillic-ext,greek-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
57243fd434e21b8aff3ac902f17e5a94e4a9e28412df169d0b1804ef25f5de43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://docs.google.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 01:16:07 GMT
x-content-type-options
nosniff
age
137094
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35140
x-xss-protection
0
last-modified
Mon, 19 Apr 2021 22:53:52 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sun, 04 Dec 2022 01:16:07 GMT
m=MpJwZc,n73qwf,sy19,ws9Tlc,sy0,syy,syz,sy10,sy1,sy11,sy18,sy31,sy32,V3dDOb,sy2m,gkf10d,j2YlP,sy6,sy7,sya,sy8,sy1z,OShpD,syx,sy15,sy1a,sy12,sy1b,sy1m,sy3i,A4UTCb,sy2,owcnme,sy25,sy26,sy2r,sy2t,Sk9a...
www.gstatic.com/_/freebird/_/js/k=freebird.v.en_CA.Sksy72FxlBY.O/d=0/rs=AMjVe6jjDwjjs6I1ENu6YLgltdQezd7Y6g/ Frame AB5F
469 KB
146 KB
XHR
General
Full URL
https://www.gstatic.com/_/freebird/_/js/k=freebird.v.en_CA.Sksy72FxlBY.O/d=0/rs=AMjVe6jjDwjjs6I1ENu6YLgltdQezd7Y6g/m=MpJwZc,n73qwf,sy19,ws9Tlc,sy0,syy,syz,sy10,sy1,sy11,sy18,sy31,sy32,V3dDOb,sy2m,gkf10d,j2YlP,sy6,sy7,sya,sy8,sy1z,OShpD,syx,sy15,sy1a,sy12,sy1b,sy1m,sy3i,A4UTCb,sy2,owcnme,sy25,sy26,sy2r,sy2t,Sk9apb,J8mJTc,UUJqVe,CP1oW,sy20,sbHRWb,sy37,sy4n,cNHZjb,syg,syj,syh,sy1r,sy16,sy1s,sy2p,pxq3x,syv,sy2n,O6y8ed,sy38,sy39,sy3b,syb,sy3a,sy3c,Xhpexc,Q91hve,sy9,sy3,sy2v,sy2w,mRfQQ,sy3e,sy3d,CFa0o,sy3j,VXdfxd,syr,sy3k,sy4q,sy4r,YwHGTd,sy3s,sy3t,sy3q,sy3w,sy3r,sy3u,sy3x,sy3v,sy3y,sy3z,s39S4,sy1p,ENNBBf,L1AAkb,KUM7Z,QvB8bb,bCfhJc,sy2q,syc,u9ZRK,pItcJd,yZuGp,aW3pY,KFVhZe,sy2y,sy2z,sy30,I6YDgd,N5Lqpc,sy1g,sy1c,sy1h,sy1d,sy1i,sy1j,sy1t,sy1e,sy1f,sy1k,sy1l,sy1n,sy1o,sy1q,sy1u,fgj8Rb,sy5n,sy5o,sy5p,xQtZb,IvDHfc,sy3f,sy36,sy2o,i5dxUd,sy3g,sy3h,sy3l,sy35,wg1P6b,EcW08c,sy3m,sy3n,sy3o,t8tqF,sy14,p2tbsc,sy21,sy22,sy23,LxALBf,sy34,sy47,sy4d,vofJp,sy4h,SM1lmd,QwQO1b,WdhPgc,sy28,sy2b,QMSdQb,JCrucd,ok0nye,sy2a,xmYr4,sy1y,sy1w,sy2x,sy3p,sy43,sy4e,sy4f,sy40,sy44,sy4c,sy41,sy1v,sy4j,sy49,sy4a,sy4b,Iy5Qtc,hYei2d,sy4k,sy1x,sy45,sy46,sy48,pFu8T,TOfxwf,riEgMd,sy4i,RGrRJf,lSvzH,OkF2xb,oZECf,ID6c7,sy42,sy4o,sy4p,rmdjlf,A2m8uc,yUS4Lc,v4y9Mc,KOZzeb,rxfmRc,OZjhxc,lLliLe,liFoG,sy4g,oCiKKc,lWjoT,sW52Ae
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/freebird/_/js/k=freebird.v.en_CA.Sksy72FxlBY.O/d=1/rs=AMjVe6jjDwjjs6I1ENu6YLgltdQezd7Y6g/m=viewer_base
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a59acfc662ed79da4a8d1f6490f5c279af1e8f35747ddc334fafd55c49cd3d66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 15:21:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-forms
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
148966
x-xss-protection
0
last-modified
Thu, 11 Nov 2021 19:30:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-forms"
vary
Accept-Encoding, Origin
report-to
{"group":"apps-forms","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-forms"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://docs.google.com
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 05 Dec 2022 15:21:01 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ Frame AB5F
343 KB
134 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?trustedtypes=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7511f403bc5d8cdd240bbdb02c5848775e0f89f6dd952e70675d22fd434e1b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://docs.google.com/
Origin
https://docs.google.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 13:58:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4960
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
137335
x-xss-protection
0
last-modified
Mon, 15 Nov 2021 05:04:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Mon, 05 Dec 2022 13:58:21 GMT
lazy.min.js
www.gstatic.com/feedback/js/help/prod/service/ Frame AB5F
78 KB
28 KB
Script
General
Full URL
https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/freebird/_/js/k=freebird.v.en_CA.Sksy72FxlBY.O/d=0/rs=AMjVe6jjDwjjs6I1ENu6YLgltdQezd7Y6g/m=MpJwZc,n73qwf,sy19,ws9Tlc,sy0,syy,syz,sy10,sy1,sy11,sy18,sy31,sy32,V3dDOb,sy2m,gkf10d,j2YlP,sy6,sy7,sya,sy8,sy1z,OShpD,syx,sy15,sy1a,sy12,sy1b,sy1m,sy3i,A4UTCb,sy2,owcnme,sy25,sy26,sy2r,sy2t,Sk9apb,J8mJTc,UUJqVe,CP1oW,sy20,sbHRWb,sy37,sy4n,cNHZjb,syg,syj,syh,sy1r,sy16,sy1s,sy2p,pxq3x,syv,sy2n,O6y8ed,sy38,sy39,sy3b,syb,sy3a,sy3c,Xhpexc,Q91hve,sy9,sy3,sy2v,sy2w,mRfQQ,sy3e,sy3d,CFa0o,sy3j,VXdfxd,syr,sy3k,sy4q,sy4r,YwHGTd,sy3s,sy3t,sy3q,sy3w,sy3r,sy3u,sy3x,sy3v,sy3y,sy3z,s39S4,sy1p,ENNBBf,L1AAkb,KUM7Z,QvB8bb,bCfhJc,sy2q,syc,u9ZRK,pItcJd,yZuGp,aW3pY,KFVhZe,sy2y,sy2z,sy30,I6YDgd,N5Lqpc,sy1g,sy1c,sy1h,sy1d,sy1i,sy1j,sy1t,sy1e,sy1f,sy1k,sy1l,sy1n,sy1o,sy1q,sy1u,fgj8Rb,sy5n,sy5o,sy5p,xQtZb,IvDHfc,sy3f,sy36,sy2o,i5dxUd,sy3g,sy3h,sy3l,sy35,wg1P6b,EcW08c,sy3m,sy3n,sy3o,t8tqF,sy14,p2tbsc,sy21,sy22,sy23,LxALBf,sy34,sy47,sy4d,vofJp,sy4h,SM1lmd,QwQO1b,WdhPgc,sy28,sy2b,QMSdQb,JCrucd,ok0nye,sy2a,xmYr4,sy1y,sy1w,sy2x,sy3p,sy43,sy4e,sy4f,sy40,sy44,sy4c,sy41,sy1v,sy4j,sy49,sy4a,sy4b,Iy5Qtc,hYei2d,sy4k,sy1x,sy45,sy46,sy48,pFu8T,TOfxwf,riEgMd,sy4i,RGrRJf,lSvzH,OkF2xb,oZECf,ID6c7,sy42,sy4o,sy4p,rmdjlf,A2m8uc,yUS4Lc,v4y9Mc,KOZzeb,rxfmRc,OZjhxc,lLliLe,liFoG,sy4g,oCiKKc,lWjoT,sW52Ae
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba8663e3d87b920403aa3ac32b4949a49ca03e296987e1373601d722e451e559
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 14:45:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2151
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/product-feedback-gathering
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28725
x-xss-protection
0
last-modified
Thu, 02 Dec 2021 00:34:29 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="product-feedback-gathering"
vary
Accept-Encoding, Origin
report-to
{"group":"product-feedback-gathering","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/product-feedback-gathering"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Sun, 05 Dec 2021 15:35:11 GMT
m=SBlcU,rYNGv,sWGJ4b
www.gstatic.com/_/freebird/_/js/k=freebird.v.en_CA.Sksy72FxlBY.O/d=0/rs=AMjVe6jjDwjjs6I1ENu6YLgltdQezd7Y6g/ Frame AB5F
2 KB
1 KB
XHR
General
Full URL
https://www.gstatic.com/_/freebird/_/js/k=freebird.v.en_CA.Sksy72FxlBY.O/d=0/rs=AMjVe6jjDwjjs6I1ENu6YLgltdQezd7Y6g/m=SBlcU,rYNGv,sWGJ4b
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/freebird/_/js/k=freebird.v.en_CA.Sksy72FxlBY.O/d=1/rs=AMjVe6jjDwjjs6I1ENu6YLgltdQezd7Y6g/m=viewer_base
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b6eeef2059211780000bedb6153d1afc48bd45dd3600b21a2cd8150f7684c6fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://docs.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 18:55:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
505548
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-forms
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1115
x-xss-protection
0
last-modified
Thu, 11 Nov 2021 19:30:58 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"apps-forms","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-forms"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://docs.google.com
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="apps-forms"
expires
Tue, 29 Nov 2022 18:55:14 GMT
naLogImpressions
docs.google.com/forms/d/e/1FAIpQLSf4TBww9uKzisSjAj9Zqmdbt1WMtqsmn_6cmYHWAyvtPkQ5MA/ Frame AB5F
0
13 B
XHR
General
Full URL
https://docs.google.com/forms/d/e/1FAIpQLSf4TBww9uKzisSjAj9Zqmdbt1WMtqsmn_6cmYHWAyvtPkQ5MA/naLogImpressions
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/freebird/_/js/k=freebird.v.en_CA.Sksy72FxlBY.O/d=1/rs=AMjVe6jjDwjjs6I1ENu6YLgltdQezd7Y6g/m=viewer_base
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80e::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/forms/prod;script-src 'report-sample' 'nonce-Wvg77/SZcqbqRcqF44BfWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'

Request headers

X-Same-Domain
1
Referer
https://docs.google.com/forms/d/1CTm8EnbwL9xMHvOdSHvCgZwIgNLsjiW9JdRllc0XxRA/viewform?edit_requested=true
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 05 Dec 2021 15:21:02 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
base-uri 'self';object-src 'none';report-uri https://csp.withgoogle.com/csp/forms/prod;script-src 'report-sample' 'nonce-Wvg77/SZcqbqRcqF44BfWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
GSE
expires
Mon, 01 Jan 1990 00:00:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame EA85
40 KB
20 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcJMyUUAAAAABOakew3hdiQ0dU8a21s-POW69KQ&co=aHR0cHM6Ly9kb2NzLmdvb2dsZS5jb206NDQz&hl=en&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&badge=inline&cb=u7smzjz7nkd9
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0d9421888e65905bbdb71cb12ae2bdc3e70cab194b818605cd98942b98b7f445
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-PGK3TTnEb9VGqrscMd6srA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://docs.google.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 05 Dec 2021 15:21:02 GMT
content-security-policy
script-src 'report-sample' 'nonce-PGK3TTnEb9VGqrscMd6srA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
20772
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles__ltr.css
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ Frame EA85
51 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcJMyUUAAAAABOakew3hdiQ0dU8a21s-POW69KQ&co=aHR0cHM6Ly9kb2NzLmdvb2dsZS5jb206NDQz&hl=en&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&badge=inline&cb=u7smzjz7nkd9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 17:22:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
424741
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24065
x-xss-protection
0
last-modified
Mon, 15 Nov 2021 05:04:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Wed, 30 Nov 2022 17:22:01 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ Frame EA85
343 KB
134 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcJMyUUAAAAABOakew3hdiQ0dU8a21s-POW69KQ&co=aHR0cHM6Ly9kb2NzLmdvb2dsZS5jb206NDQz&hl=en&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&badge=inline&cb=u7smzjz7nkd9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7511f403bc5d8cdd240bbdb02c5848775e0f89f6dd952e70675d22fd434e1b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 13:58:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4961
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
137335
x-xss-protection
0
last-modified
Mon, 15 Nov 2021 05:04:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Mon, 05 Dec 2022 13:58:21 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame EA85
102 B
134 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=_7Co1fh8iT2hcjvquYJ_3zSP
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4e836cc5611e71fad7ca8b19324773a34afbad72550c012e50b83698262d6c50
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcJMyUUAAAAABOakew3hdiQ0dU8a21s-POW69KQ&co=aHR0cHM6Ly9kb2NzLmdvb2dsZS5jb206NDQz&hl=en&v=_7Co1fh8iT2hcjvquYJ_3zSP&size=invisible&badge=inline&cb=u7smzjz7nkd9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 15:21:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Sun, 05 Dec 2021 15:21:02 GMT
bframe
www.google.com/recaptcha/api2/ Frame 9C08
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=_7Co1fh8iT2hcjvquYJ_3zSP&k=6LcJMyUUAAAAABOakew3hdiQ0dU8a21s-POW69KQ
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a60e701542d70ee9b06e960a174f025a87d4cfdd5d4a696291625d8a29a0e519
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Vn7RBnHS9JETs8ZQiPIM7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://docs.google.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 05 Dec 2021 15:21:02 GMT
content-security-policy
script-src 'report-sample' 'nonce-Vn7RBnHS9JETs8ZQiPIM7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1112
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles__ltr.css
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ Frame 9C08
51 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=_7Co1fh8iT2hcjvquYJ_3zSP&k=6LcJMyUUAAAAABOakew3hdiQ0dU8a21s-POW69KQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 17:22:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
424741
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24065
x-xss-protection
0
last-modified
Mon, 15 Nov 2021 05:04:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Wed, 30 Nov 2022 17:22:01 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/ Frame 9C08
343 KB
134 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=_7Co1fh8iT2hcjvquYJ_3zSP&k=6LcJMyUUAAAAABOakew3hdiQ0dU8a21s-POW69KQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7511f403bc5d8cdd240bbdb02c5848775e0f89f6dd952e70675d22fd434e1b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 13:58:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4961
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
137335
x-xss-protection
0
last-modified
Mon, 15 Nov 2021 05:04:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Mon, 05 Dec 2022 13:58:21 GMT
reload
www.google.com/recaptcha/api2/ Frame 9C08
36 KB
21 KB
XHR
General
Full URL
https://www.google.com/recaptcha/api2/reload?k=6LcJMyUUAAAAABOakew3hdiQ0dU8a21s-POW69KQ
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
dab313373cda884dfb0f641ab39f60c1857afcbd19acff145351056837d75dbd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/bframe?hl=en&v=_7Co1fh8iT2hcjvquYJ_3zSP&k=6LcJMyUUAAAAABOakew3hdiQ0dU8a21s-POW69KQ
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Sun, 05 Dec 2021 15:21:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21643
x-xss-protection
1; mode=block
expires
Sun, 05 Dec 2021 15:21:02 GMT
refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 9C08
600 B
624 B
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/refresh_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 19:22:08 GMT
x-content-type-options
nosniff
age
158334
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
600
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Fri, 10 Dec 2021 19:22:08 GMT
audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 9C08
530 B
554 B
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/audio_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sat, 04 Dec 2021 01:09:05 GMT
x-content-type-options
nosniff
age
137517
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
530
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Sat, 11 Dec 2021 01:09:05 GMT
info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 9C08
665 B
689 B
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/info_2x.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/_7Co1fh8iT2hcjvquYJ_3zSP/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 22:53:43 GMT
x-content-type-options
nosniff
age
491239
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
665
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Mon, 06 Dec 2021 22:53:43 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9C08
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 15:59:51 GMT
x-content-type-options
nosniff
age
429671
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 30 Nov 2022 15:59:51 GMT
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9C08
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 22:51:38 GMT
x-content-type-options
nosniff
age
491364
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15340
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:16 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 29 Nov 2022 22:51:38 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9C08
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 12:21:15 GMT
x-content-type-options
nosniff
age
183587
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 03 Dec 2022 12:21:15 GMT
payload
www.google.com/recaptcha/api2/ Frame 9C08
40 KB
40 KB
Image
General
Full URL
https://www.google.com/recaptcha/api2/payload?p=06AGdBq275eeTfGeQu3oUtveZks5jzhSHZj-aKOUPqpqB-e5I36SH7tZTE-j2PvEAAsXywtEzelHnSBhTP45KaM63M4UjyrFPUFH0_PIuy2B08lNblZb3q2SHJnxAiO1Mb0oX5f9O7buZPxK8FVAkKyME_mJ4WCZ-7gqSjaT38zs2q11tR7uraA6m8mbL8YLXErSRqoCdDlgJwQzkdLkWQTbBQDdgf_Do2aQ&k=6LcJMyUUAAAAABOakew3hdiQ0dU8a21s-POW69KQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
932780edeb29f23dc40e36c95292c0c904e3740f84af709aa34cfba1ee1d037c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/bframe?hl=en&v=_7Co1fh8iT2hcjvquYJ_3zSP&k=6LcJMyUUAAAAABOakew3hdiQ0dU8a21s-POW69KQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Sun, 05 Dec 2021 15:21:02 GMT
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
private, max-age=30
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40993
x-xss-protection
1; mode=block
expires
Sun, 05 Dec 2021 15:21:02 GMT

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler

4 Cookies

Domain/Path Name / Value
.docs.google.com/forms/d/1CTm8EnbwL9xMHvOdSHvCgZwIgNLsjiW9JdRllc0XxRA Name: S
Value: spreadsheet_forms=y3Amy_UM8UM0KaWtEFLiinYF0xJ5l77hfJtoFCEllqw
.docs.google.com/forms/d/1CTm8EnbwL9xMHvOdSHvCgZwIgNLsjiW9JdRllc0XxRA Name: COMPASS
Value: spreadsheet_forms=CjIACWuJV0_CEG2v4ak7lLjO02HXam8oU6EP2Inli-cDy0Uh2_FEKhbNdMLAJD7avzhydRDtzbONBho0AAlriVeiCeePjxTB8FKLW1zjDo5-jdcVc861QWLYRvp7FeDf_btNc8sKEgHbcf4PSalt7w==
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09ABBMTcOaIjkgp5lTmX3_sUOSu2U5TneoHtlvsX1y3lFhE6lAwtflu5sHqP_jodQ7DN3Qr8Uo1qeKpZRulpBIEqk
.google.com/ Name: NID
Value: 511=j2qDM2aJeJvNqrxpn77ra5un1gRQeVepOq6RGIyVtZoCh4XNwyafwh8XFz3YWWdPL5Y3mAQMhoNiMK8ene1fseUDu45ZhH3ILYDG8CBoASS2KARfs9oh9hr3a7fBrbZIGa0ZOTJtAC2udLFefo7_ak6w5av-touFfO5GsGJThk4

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

docs.google.com
fonts.googleapis.com
fonts.gstatic.com
lh6.googleusercontent.com
ssl.gstatic.com
www.bookingconfirmation.odishait.com
www.google.com
www.gstatic.com
2607:f8b0:4006:808::2001
2607:f8b0:4006:80c::2003
2607:f8b0:4006:80d::2003
2607:f8b0:4006:80e::200e
2607:f8b0:4006:81c::2004
2607:f8b0:4006:81d::200a
2607:f8b0:4006:823::2003
51.222.41.207
07e86a231990ac1bf28b15c371252cc2ec302d247289b488a8968956053323e3
0d9421888e65905bbdb71cb12ae2bdc3e70cab194b818605cd98942b98b7f445
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1beefd626d506b3deca8dbffbbe90eb9b251641a324e82a26493934ee8100af5
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
47f9019272bdb86802d35d3591b0c7eef76a0c73935c836e47006bea87156bc5
4e836cc5611e71fad7ca8b19324773a34afbad72550c012e50b83698262d6c50
509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
57243fd434e21b8aff3ac902f17e5a94e4a9e28412df169d0b1804ef25f5de43
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
78688961c758469af458530c1875f56279c41e05b1fd8b306929aa8445f390dc
7dba69037b140510c6cea5d1fa437c2a9f4028ada075f240aacc69b47aaf4769
87172bbb7a6dbab90eed6980f0227fce45be31f77c889a7792ce1b44b8744dbd
87353bb8a4cb3b662048a67a778a8f5186bed7a38725bf561f4b567858fc916b
8815526f7d2667c75297c2094dace87a1aeb879f5f79e17195cd077a783b03c5
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
932780edeb29f23dc40e36c95292c0c904e3740f84af709aa34cfba1ee1d037c
a59acfc662ed79da4a8d1f6490f5c279af1e8f35747ddc334fafd55c49cd3d66
a60e701542d70ee9b06e960a174f025a87d4cfdd5d4a696291625d8a29a0e519
b6eeef2059211780000bedb6153d1afc48bd45dd3600b21a2cd8150f7684c6fe
ba8663e3d87b920403aa3ac32b4949a49ca03e296987e1373601d722e451e559
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d9cfc02c425a36eab2ab7e2616df1fea9207cb37087e55b0cc9db861fc1bd414
dab313373cda884dfb0f641ab39f60c1857afcbd19acff145351056837d75dbd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f4af84efe90891185d9b29a841181ca9d26d7560864ea47b6cd709d3b964aee3
f515960b6c24cee30cfcaec3652938ad3fd8f0b21b19a17515d3770e78af2c6c
f7511f403bc5d8cdd240bbdb02c5848775e0f89f6dd952e70675d22fd434e1b4